elaboration phase 1
Faze 1 must work anywhere.
Use your laptop in DHCP with virtualbox ...
masquerader (1)
An iptables firewall in CentOS7
Put a network card in bridged on DHCP.
Put a second network card in INTnet.
Use iptables to apply NAT masquerading from the outside to the intnet. (DHCP to NAT does not work with DNAT)
Later we will talk about the iptables rules. For the time bein...

Hello,
i have a small project.
i want an iptables script that blocks all country except the following,
Saudi Arabia
United Arab Emirates
Kuwait
Bahrain
Qatar
Amman
Yemen
Iraq
Syria
Lebanon
Jordan
Palestine
Turkey
Egypt
Algeria
Tunisia
Morocco
Libya
all I want them to be whitelisted
and i want the connections speed to be limited with 5Mbps but the speed limit i want it o...

I have a NGINX web server i just run a web and IPTV
but i want to block all VPN and proxy user
i dont know how to do
if u can do it useing by iptables thats good or any other way
I found a URL this URL show IP come from proxy or vpn or not
[login to view URL]
if you can make this please big if u cant dont
i dont release until i test it

Script that will
Take the result of a mysql query (list of ips) (including running the query)
and loop through the ips and add them to firewall block list iptables -D INPUT -s [login to view URL] -j DROP

hi,
so basically what we need is porting ipp2p module to ipv6
[login to view URL]
xt_ipp2p
i don’t know if more modules are required to be ported for this task.
the module should work with debian 9 (stretch) kernel and definition of done would be testing if it correctly marks torrent traffic. if required - we can provide iptables rules we use to mark traffic via ipv4, which ...

I want to successfully limit the number of SSH concurrent connections to 1 per user.
(without having to setup this limit on the port).
Maxsessions and maxlogins don't work.
All linux distro seems to allow concurrent ssh connections, unless you use iptables on a specific port.
I need to use 1 port only, and set this limit per user (basically for every user, except the root).
So John c...

I have a FreePBX server and I need to route all VOIP traffic by port. 5060 and 10000 through 20000 through 1 gateway and all other ports through another gateway. All in same subnet same interface. Our ITSP (Spectrum enterprise) will not allow anything other that VOIP traffic through their Voice network. Diagram enclosed. Something like this. [login to view URL] I'm just not an IPtables ex...

I have a PHP front-end script that allows me to add authorized IP and expire date via IPtables. For example, if i want Iptables to allow this IP [login to view URL] to have access to the server , I would add this IP using the PHP script. The PHP script then adds the IP and the expiry date (unix time e.g 1 month from today would be: 1519510914) to the Iptables. The script works but sometimes, I hav...

Hello there, I am running a website with high traffic, I've installed Varnish becouse of website speed, when it reaches 2,300 online, it gives me 503 (Backend fetch failed) Varnish cache error.
Maybe there is Varnish installed incorrectly, or there is a script problam wich burns the server.
I also had atack from China/Russia Ip's but I've blocked them via Iptables (firewall)
...